Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/6A3458E4A92611EEA0DBD474C4F9AE02.roa
File: 6A3458E4A92611EEA0DBD474C4F9AE02.roa (raw, json)
Hash identifier: lfxUB5iVKBpUSXIZuyMnnap7Fj7cGNrFgFfkhMTq3WE=
Subject key identifier: 9B:C0:4D:A2:1B:6F:4F:B2:7C:F3:AB:D1:E1:16:97:5B:B5:93:BD:7C
Certificate issuer: /CN=A914C002/serialNumber=924A2017564ADAFB2236A20FBF73ADA1B96BFF33
Certificate serial: 02
Authority key identifier: 92:4A:20:17:56:4A:DA:FB:22:36:A2:0F:BF:73:AD:A1:B9:6B:FF:33
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkogF1ZK2vsiNqIPv3Otoblr_zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/6A3458E4A92611EEA0DBD474C4F9AE02.roa
Signing time: Tue 02 Jan 2024 04:21:35 +0000
ROA not before: Tue 02 Jan 2024 04:21:35 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 147059
IP address blocks: 157.10.28.0/23 maxlen: 23
157.10.28.0/24 maxlen: 24
157.10.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 11:25:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C002/serialNumber=924A2017564ADAFB2236A20FBF73ADA1B96BFF33
Validity
Not Before: Jan 2 04:21:35 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65938f4f-1a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:c8:b6:7a:0a:0b:dd:87:dd:a7:f7:8d:46:
de:0e:89:50:d1:28:dc:4d:64:e9:99:fd:9f:07:84:
6d:c4:4c:33:41:cb:b2:a5:27:fd:84:08:d3:b0:50:
02:0e:4c:8c:93:43:a4:78:f9:e8:d3:02:8c:9e:b6:
3d:c0:ad:2e:c5:66:ff:36:1e:f0:8d:b1:82:05:cd:
f4:ad:64:5e:f6:22:e9:7d:df:f2:98:7c:22:6c:6d:
c5:9c:9b:93:ff:93:41:6e:b7:3d:18:21:f7:75:85:
84:ef:a6:21:be:ce:8f:da:75:d1:2b:72:61:31:61:
71:b8:8a:ea:1b:ed:ce:a2:5c:05:90:cc:ca:b0:f2:
ab:b9:81:52:ec:b0:87:ed:d8:0e:85:f2:b4:c1:26:
69:c0:4f:64:32:39:0c:4b:be:3e:e1:26:07:8f:0b:
34:d4:aa:bf:2e:45:9e:65:e9:25:0d:bb:46:65:d7:
81:53:0a:35:5c:a8:c7:2f:70:77:db:a4:6c:a0:f5:
eb:b5:5c:aa:c5:9e:41:da:3b:57:16:12:15:83:c2:
3a:da:fa:4a:4d:29:73:af:81:ef:84:87:05:b5:0d:
ba:9f:97:7b:ac:c1:08:5a:0a:7f:70:79:a5:65:74:
9c:61:76:08:3b:14:94:b5:ee:e6:13:18:4d:7e:1c:
f1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C0:4D:A2:1B:6F:4F:B2:7C:F3:AB:D1:E1:16:97:5B:B5:93:BD:7C
X509v3 Authority Key Identifier:
keyid:92:4A:20:17:56:4A:DA:FB:22:36:A2:0F:BF:73:AD:A1:B9:6B:FF:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/kkogF1ZK2vsiNqIPv3Otoblr_zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kkogF1ZK2vsiNqIPv3Otoblr_zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C002/C01D0C0CA92511EEAC4BDB57C4F9AE02/6A3458E4A92611EEA0DBD474C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.28.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:92:e4:49:b1:5f:8c:c2:e4:41:b7:72:9d:5a:69:ec:f9:ff:
a2:52:55:35:d1:55:62:3b:e8:d4:16:fa:fb:c5:88:3a:aa:b9:
a0:9b:72:87:3f:62:7e:d7:b4:58:b4:36:6c:23:2f:7f:67:ff:
e8:13:3e:61:e0:9b:43:f8:45:3e:c9:b9:f1:3a:9e:10:72:3c:
15:59:1b:1e:06:ad:0f:e4:cd:18:19:4d:d3:33:c8:05:e8:d9:
e7:57:34:b6:ca:59:74:55:19:98:a0:c6:db:32:d0:fa:4a:39:
d4:b8:ad:35:bb:66:f4:fa:4e:8d:4a:f6:9c:1e:e8:83:97:dc:
89:57:f0:1e:d9:a8:d6:c9:98:28:09:53:1b:5e:11:66:c2:48:
2c:15:4a:be:7c:f7:33:89:a9:6c:3d:79:c5:61:e5:8e:e9:09:
c3:d7:a4:96:e6:46:3b:41:d2:80:c3:fa:ac:58:4d:91:65:33:
59:71:d9:6a:ec:85:d0:e6:e3:94:79:c6:d7:89:8d:3d:e1:e9:
50:30:16:73:1a:2f:0d:2c:72:cb:97:0a:83:b4:6c:1a:27:f0:
92:14:0b:22:88:2b:f9:d7:00:b9:27:0d:d6:63:0e:0b:93:dd:
5c:8d:c3:7f:80:ed:0a:93:85:32:6c:de:1e:bd:5c:90:08:9f:
a3:45:30:a5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QzAwMjExMC8GA1UEBRMoOTI0QTIwMTc1NjRBREFGQjIyMzZBMjBGQkY3M0FEQTFC
OTZCRkYzMzAeFw0yNDAxMDIwNDIxMzVaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTM4ZjRmLTFhN2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgAsi2egoL3Yfdp/eNRt4OiVDRKNxNZOmZ/Z8HhG3ETDNBy7KlJ/2ECNOwUAIO
TIyTQ6R4+ejTAoyetj3ArS7FZv82HvCNsYIFzfStZF72Iul93/KYfCJsbcWcm5P/
k0Futz0YIfd1hYTvpiG+zo/addErcmExYXG4iuob7c6iXAWQzMqw8qu5gVLssIft
2A6F8rTBJmnAT2QyOQxLvj7hJgePCzTUqr8uRZ5l6SUNu0Zl14FTCjVcqMcvcHfb
pGyg9eu1XKrFnkHaO1cWEhWDwjra+kpNKXOvge+EhwW1Dbqfl3uswQhaCn9weaVl
dJxhdgg7FJS17uYTGE1+HPERAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUm8BNohtv
T7J886vR4RaXW7WTvXwwHwYDVR0jBBgwFoAUkkogF1ZK2vsiNqIPv3Otoblr/zMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDMDAyL0MwMUQwQzBDQTky
NTExRUVBQzRCREI1N0M0RjlBRTAyL2trb2dGMVpLMnZzaU5xSVB2M090b2Jscl96
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIva2tvZ0YxWksydnNpTnFJUHYzT3RvYmxyX3pNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QzAwMi9DMDFEMEMwQ0E5MjUxMUVFQUM0QkRCNTdDNEY5QUUwMi82QTM0NThFNEE5
MjYxMUVFQTBEQkQ0NzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KHDANBgkqhkiG9w0BAQsFAAOCAQEArZLkSbFfjMLkQbdy
nVpp7Pn/olJVNdFVYjvo1Bb6+8WIOqq5oJtyhz9ifte0WLQ2bCMvf2f/6BM+YeCb
Q/hFPsm58TqeEHI8FVkbHgatD+TNGBlN0zPIBejZ51c0tspZdFUZmKDG2zLQ+ko5
1LitNbtm9PpOjUr2nB7og5fciVfwHtmo1smYKAlTG14RZsJILBVKvnz3M4mpbD15
xWHljukJw9ekluZGO0HSgMP6rFhNkWUzWXHZauyF0ObjlHnG14mNPeHpUDAWcxov
DSxyy5cKg7RsGifwkhQLIogr+dcAuScN1mMOC5PdXI3Df4DtCpOFMmzeHr1ckAif
o0UwpQ==
-----END CERTIFICATE-----
Generated at Wed Jan 17 15:50:40 2024 by rpki-client on console-ams.rpki-client.org